New Filters:
45005: HTTP: Suspicious Marvell QConvergeConsole QLogicUpload3Servlet File Upload (ZDI-25-465,466)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious file upload in Marvell QConvergeConsole.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-6808 CVSS 9.8, CVE-2025-6809 CVSS 9.8
- Zero Day Initiative: ZDI-25-465, ZDI-25-466
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46116: ZDI-CAN-27382: Zero Day Initiative Vulnerability (Fortinet FortiWeb)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Fortinet FortiWeb.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Evaluation (Permit / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 15, 2025
46159: ZDI-CAN-27383: Zero Day Initiative Vulnerability (Fortinet FortiWeb)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Fortinet FortiWeb.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Evaluation (Permit / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 15, 2025
46163: HTTP: Adobe ColdFusion Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49537
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
46164: HTTP: Adobe ColdFusion Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49543
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
46165: HTTP: Adobe ColdFusion Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49542
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
46166: HTTP: Adobe ColdFusion Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49541
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
46167: HTTP: OpenEMR Procedure Order Patient Names Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in OpenEMR.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-32794 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46168: HTTP: Adobe ColdFusion Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49540
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
46174: HTTP: Adobe ColdFusion XML Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure XML injection vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49538
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46175: TCP: IBM nimsh Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in IBM nimsh.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-56347
- Classification: Vulnerability - Access Validation
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46189: HTTP: MCP Inspector Suspicious Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects suspicious command execution on MCP Inspector.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-49596
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46190: HTTP: WordPress AIT CSV Import Export Plugin Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in the AIT CSV Import Export plugin for WordPress.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-34083
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46192: HTTP: Asus GT-AC2900 Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Asus GT-AC2900.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2021-32030
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: July 15, 2025
46193: HTTP: ASUS RT-AX55 Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in ASUS RT-AX55.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-39780
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 15, 2025
46194: HTTP: D-Link DIR-859 Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in D-Link DIR-859.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-0769
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: July 15, 2025
46195: HTTP: TP-Link TL-WR940N/TL-WR841N Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a command injection vulnerability affecting TP-Link TL-WR940N/TL-WR841N.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-33538
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: July 15, 2025
46197: HTTP: Apple WebKit postMessage Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Apple WebKit.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28205 CVSS 8.8
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 15, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 35088: HTTP: Oracle WebLogic Server DeploymentService Directory Traversal Vulnerability (ZDI-19-663)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: May 07, 2019
- Last Modified Date: July 15, 2025
37419: HTTP: Progress Telerik UI for ASP.NET AJAX rauPostData File Upload Request (ZDI-25-468)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37419: HTTP: Progress Telerik UI for ASP.NET AJAX rauPostData File Upload Request".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 31, 2020
- Last Modified Date: July 15, 2025
44847: HTTP: Marvell QConvergeConsole Directory Traversal Vulnerability (ZDI-25-451-ZDI-25-463)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44847: ZDI-CAN-24913-14,16-21,23-25,79-80: Zero Day Initiative Vulnerability (Marvell QConvergeConsole)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 01, 2024
- Last Modified Date: July 15, 2025
44848: HTTP: Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability (ZDI-25-450)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44848: ZDI-CAN-24912: Zero Day Initiative Vulnerability (Marvell QConvergeConsole)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 01, 2024
- Last Modified Date: July 15, 2025
44895: HTTP: Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Vulnerability (ZDI-25-464)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44895: ZDI-CAN-24922: Zero Day Initiative Vulnerability (Marvell QConvergeConsole)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: July 15, 2025
* 45092: HTTP: Fortinet FortiWeb cgi_httpcontentrouting_post Directory Traversal Vulnerability (ZDI-25-288)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 19, 2024
- Last Modified Date: July 15, 2025
45730: HTTP: Allegra unzipFileIntoDirectory Directory Traversal Vulnerability (ZDI-25-254)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45730: ZDI-CAN-26524: Zero Day Initiative Vulnerability (Allegra)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 15, 2025
- Last Modified Date: July 15, 2025
* 46121: HTTP: Citrix NetScaler ADC and NetScaler Gateway Memory Leak Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 08, 2025
- Last Modified Date: July 15, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
13855: TCP: XML External Entity (XXE) Usage
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: April 28, 2014
- Last Modified Date: July 15, 2025
45839: HTTP: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write (ZDI-25-469)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45839: ZDI-CAN-26718: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: July 15, 2025
45840: HTTP: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write (ZDI-25-470)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45840: ZDI-CAN-26719: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: July 15, 2025
45842: HTTP: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write (ZDI-25-472)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45842: ZDI-CAN-26720: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: July 15, 2025
45848: HTTP: Delta Electronics CNCSoft Screen Editor DPB File Parsing Out-Of-Bounds Write (ZDI-25-471)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45848: ZDI-CAN-26842: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: July 15, 2025
* 46160: HTTP: Microsoft SharePoint Insecure Deserialization Vulnerability (Pwn2Own ZDI-25-581)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "46160: HTTP: Microsoft SharePoint DataSetSurrogateSelector Insecure Deserialization Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: July 08, 2025
- Last Modified Date: July 15, 2025
Removed Filters:
33471: ZDI-CAN-6774: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Release Date: November 13, 2018
- Last Modified Date: December 03, 2024